How Secure is America's Nuclear Arsenal?

by J. Orlin Grabbe

How secure is America's nuclear arsenal? The question here does not involve
missing American weapons along the lines of Russia's hundred or so "suitcase" nuclear
bombs that have mysteriously disappeared. Rather it refers to the electronic security of
nukes that are known and accounted for.

The launch controls of small missiles are secured by electronic locks. Such
"electronic locks" are just computer security code based on encryption algorithms.
"Small missiles" may be as large as the Minuteman. The National Security Agency
(NSA) is responsible for Minuteman communications security, including unauthorized
intrusion, interference or jamming.

Unauthorized intrusion could result in an unauthorized launch by someone with a
gripe. Look out, Long Island. If you thought TWA 800 was controversial, contemplate
the debate over whether there was or was not a streak in the sky shortly before the
Hamptons were decimated.

More insight into the potential problems with America's nuclear arsenal can be
gleaned from a lawsuit filed against NSA and Sandia National Laboratories by a former
lab employee: William (Bill) Payne.

Sandia has long been involved with the security of America's nuclear arsenal. As
they announce on their website: "We are funded primarily by the U.S. Department of
Energy to design all the non-nuclear components of the nation's nuclear weapons"
(http://www.sandia.gov/). This includes the cryptographic locks used to secure the nukes.
NSA supplies the algorithms and implementation guidelines to Sandia.

Sandia has also in the past performed numerous other extra-curricular projects for
NSA. Prior to finishing its own fabrication facility at the end of the 1980s, NSA relied on
Sandia's classified RHIC-II. What were some of these NSA projects? According to
Payne, NSA abused its relations with Sandia "in order to find ways to develop viruses,
decrypt ATM cards and smart cards, and sabotage private signature keys" [1].

Who is Bill Payne? First, he is the author of three computer texts, one of which is
Embedded Controller FORTH for the 8051 Family, Academic Press, Boston, 1990. [2]

One of the areas Bill Payne worked in at Sandia was cryptographic
microcomputer systems. This includes the creation, as well as the reverse engineering, of
electronic-lock systems.

In addition, from 1986 to 1991 Payne worked on Sandia's Deployable Seismic
Verification System. This project concerned authentication programs for seismic
"events". It was designed to monitor nuclear tests in the former Soviet Union. The
Threshold Test Ban Treaty signed by the Soviet Union and the U.S. had capped the yield
of the two countries' underground nuclear tests. Any detected "seismic event" could be a
nuclear test rather than an ordinary earthquake. The purpose of data authentication was
to ensure that the received data had not been altered in order to conceal what was really
happening. (The data was not allowed to be encrypted, because the host nation needed to
be able to inspect it and confirm that the monitoring did not exceed the agreed
parameters; the requirement was integrity and origin, not secrecy.) Payne was involved
with verification systems based on generalized feedback shift-registers.

Why was Bill Payne fired from Sandia? According to lab officials, in a letter
written to the Equal Employment Opportunity Commission, Payne was fired because of
"conduct that had the potential of compromising the mission of a valued customer as well
as that of Sandia, and for behavior designed to offend the valued customer". Who was
this valued customer? The National Security Agency. Payne had made derogatory
statements about NSA in a letter he sent to a Tokyo university professor.

He also refused a Sandia order to steal corporate secrets under the concealing
guise of national security. At issue appears to be an interagency project called Casanova,
which sought to break Hirsch keypad electronic locks. (The name "Casanova" apparently
derives from the intelligence community's obsession with chastity belts.) The company
that sold Sandia the keypad had done so under a contract that forbade anyone at the
laboratory to retrieve the keypad's internal code, that is, to reverse engineer it in order
to develop software that could be used to break into facilities protected by the keypad.

But Sandia told Payne to break the keypad's security anyway. They also gave him
other projects of questionable legality, such as building a portable device for copying the
magnetic strips on the backs of ATM cards. Apparently NSA needed such devices in the
event NSA agents ran out of cash down at Madame Or's Belt House.

Government employees working on classified projects are often forced into a
Catch 22-type environment:

1. First, it is made clear to them that their security clearance will be revoked if
they do illegal work.

2. Next, they are ordered to do illegal work. In Payne's case, his supervisor said
Payne "did not choose his jobs. Rather, Sandia assigns duties" to him. [3]

3. If, however, the employee complains about the order, or threatens to blow the
whistle, national security is invoked to conceal what has happened. A 1980 court case,
Navasky v. CIA, indicates that courts will rule that classification procedures and security
oaths are still valid even when an intelligence agency breaks the law.

So the employee who doesn't go along is always wrong. He will be fired if he
doesn't follow orders. If he does follow orders, then in the future he becomes subject to
the threat of prosecution for illegal activities. In short, he is owned by the agencies he
works for. They like it that way.

In a letter to Electronic Engineering Times, Payne wrote: "My Sandia project
leader and several supervisors told me to illegally copy an American company's security
software from microcontroller internal memory to floppy disk. I was told to disassemble
object code. The purpose was to reverse-software-engineer the code with the intent of
defeat. I signed a non-disclosure agreement with this company. I was told to do this
illegal work behind the veil of classification abuse. I refused." [4]

What does this have to do with nuclear security? A lot, it seems. Sandia, operated
by the Department of Energy, has shown it will compromise in order to make NSA and
other spook agencies happy. The NSA is obsessed with the existence of any electronic
lock, or chastity belt, it can't break into. So it insists on compromising security
everywhere, U.S. nuclear facilities included, to ensure it always has an entrance--the
electronic vagina project.

Sandia goes along to get along, and doesn't follow standards and procedures when
it comes to quality control over nuclear security. Take issues like public key
cryptography and chip quality.

Sandia was in charge of implementing public key cryptography in the nuclear
arsenal. The applications of public keys are described by one of the founders of public
key cryptography, Whitfield Diffie, as follows:

"A nuclear weapon could demand a digitally signed order before it would arm
itself; a badge admitting someone to a sensitive area could bear a digitally signed
description of the person; a sensor monitoring compliance with a nuclear test ban treaty
could place a digital signature on the information it reported. Sandia began immediately
both to develop the technology of public-key devices . . . and to study the strength of the
proposed systems . . ." [5]

Sandia began to develop chips for data authentication and access security, using
the RSA encryption algorithm [6]. Now RSA is very hard to implement in practice. The
arithmetic is multi-precision: if the computer word size is 8 bits, a 1024-bit RSA modulus
occupies 128 words, and every modular multiplication in the exponentiation has to be
carried across all of them. In a 64-bit Cray it is still 16 words. Other problems arise from
the fact that the RSA modulus is not prime, so the arithmetic is over a ring rather than a
field. At Sandia it took six months to implement RSA in Fortran 77. Even so, a bug
was not found for a year and a half. Sandia's special-purpose chips for RSA
implementation had a failure rate of virtually 100 percent. (It was Cylink Corporation that
eventually came up with a workable chip.)

But Payne suggests there are still major problems in Sandia's nuclear security
implementation. This is in addition to the ordinary hardware concerns. (In 1996 three
researchers at Bellcore demonstrated a model for breaking some cryptographic schemes by
exploiting random hardware faults (transient faults). [7] The attack they outline can be
directed at certain implementations of RSA and Rabin signatures, as well as certain
authentication protocols like those of Fiat-Shamir and Schnorr. Their attack uses a
register fault that occurs while the hardware device is waiting for a response from the
outside world. In the RSA case the result is dramatic: a single signature computed with
the Chinese Remainder Theorem, in which a fault corrupted one of the two half-computations,
is enough to factor the modulus and recover the private key.)
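Two of the points above are easier to see in code: the seismic verification requirement
that monitoring data be authenticated but left readable, and the Bellcore fault attack just
described. The Python below is an added example written for this page; it is not Sandia's,
NSA's or Payne's code, and the primes, key, "seismic record" and fault model are all
constructed for illustration (a real signer would use a 2048-bit or larger modulus and a
padding scheme such as RSA-PSS, and reducing a SHA-256 digest modulo a 40-bit toy N is not
secure). It signs a plaintext record with RSA-CRT, shows that a tampered record fails
verification while the record itself stays readable, then flips one bit in the mod-p half of
the signer to stand in for a transient register fault and recovers a prime factor of N from
the faulty signature alone.

```python
"""Added example: RSA authentication without encryption, and the Bellcore
CRT fault attack.  Toy key sizes; constructed data; Python >= 3.8."""
from hashlib import sha256
from math import gcd

# --- key material (constructed for this example; NOT a real key) ---
P, Q = 999983, 1000003          # both prime (largest below / smallest above 10**6)
N = P * Q
E = 65537
PHI = (P - 1) * (Q - 1)
D = pow(E, -1, PHI)             # private exponent
DP, DQ = D % (P - 1), D % (Q - 1)   # CRT exponents a fast signer precomputes
QINV = pow(Q, -1, P)            # q^-1 mod p, for Garner recombination

# --- a constructed plaintext monitoring record; the host can read it ---
RECORD = b"station=KZ01 time=1990-08-14T03:57:12Z ch=BHZ amp=0.0412 dur=38s"
TAMPERED = RECORD.replace(b"amp=0.0412", b"amp=0.0041")   # shrink the event


def digest_mod_n(record: bytes) -> int:
    """Hash the plaintext record and reduce into Z_N (toy, no padding)."""
    return int.from_bytes(sha256(record).digest(), "big") % N


def sign_crt(record: bytes, fault: bool = False) -> int:
    """RSA signature via the Chinese Remainder Theorem.

    With fault=True one bit of the mod-P half is flipped, standing in for
    the transient register fault the Bellcore model assumes.
    """
    m = digest_mod_n(record)
    sp = pow(m, DP, P)          # m^d mod p
    sq = pow(m, DQ, Q)          # m^d mod q
    if fault:
        sp ^= 1                 # corrupt ONLY the mod-P computation
    h = (QINV * (sp - sq)) % P  # Garner's recombination step
    return sq + Q * h           # congruent to sp mod P and sq mod Q


def verify(record: bytes, sig: int) -> bool:
    """Anyone holding (N, E) can check the record was not altered in transit.
    The record itself is never hidden: integrity and origin, not secrecy."""
    return pow(sig, E, N) == digest_mod_n(record)


def recover_factor_from_faulty_signature(record: bytes, bad_sig: int) -> int:
    """Lenstra's variant of the Bellcore attack: one faulty signature plus
    the public key suffice.  bad_sig^E == m still holds mod Q but fails
    mod P, so gcd(bad_sig^E - m, N) is exactly Q."""
    m = digest_mod_n(record)
    return gcd((pow(bad_sig, E, N) - m) % N, N)


def recover_factor_from_pair(good_sig: int, bad_sig: int) -> int:
    """Original Bellcore form: a correct and a faulty signature of the same
    message agree mod Q and differ mod P, so gcd(good - bad, N) is Q."""
    return gcd((good_sig - bad_sig) % N, N)


def demo() -> dict:
    good = sign_crt(RECORD)
    bad = sign_crt(RECORD, fault=True)
    q1 = recover_factor_from_faulty_signature(RECORD, bad)
    return {
        "good_verifies": verify(RECORD, good),
        "tampered_rejected": not verify(TAMPERED, good),
        "faulty_sig_rejected": not verify(RECORD, bad),
        "factor_from_one_faulty_sig": q1,
        "factor_from_pair": recover_factor_from_pair(good, bad),
        "private_key_recovered": q1 * (N // q1) == N and N // q1 == P,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The standard countermeasure the signer in this example lacks is to check its own output
before releasing it (recompute `pow(sig, E, N)` and compare with `m`), so that a faulted
signature never leaves the device; an attacker who can only observe a refusal learns
nothing about P or Q.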

To repeat, how secure is America's nuclear arsenal? Who has access? Who is in
control?